Connecting Additional Axonius Collector Nodes

You can create additional collector nodes that connect to the Core node. Collector nodes allow you to:

• Fetch data from partially connected networks with limited connectivity or strict firewall rules.
• Add load balancing to improve the overall performance of your Axonius deployment.
  
  

To connect a collector node, the following are required:

• The Axonius collector node must be installed on the partially connected network, with the same Axonius release version as the Axonius Core Node.
• The following ports must be open from the Axonius Collector Node to the Axonius Core Node for OpenVPN:
  • TCP/6783:

Node Sizing Recommendations

* SSD is not required for storage

Connecting an Additional Node

1. Deploy an Axonius node into the additional network and start the machine
   a. Decrypt the system using the steps provided by Axonius.
   b. Configure the IP address per the "Setting the IP address" section in Configuring the Axonius Platform
   c. Install the license as described in Logging on and Signing Up. However, do not fill in signup details or configure an Admin users.
2. Log into the Axonius core node, and go to the Instances page. The Instances page opens, displaying the installed Axonius instances, that include tagged name, hostname, IP address, last seen, installed version, and the status (activated/deactivated) of each instance.

3. To connect an additional collector node, click Connect Node. A message box is displayed that instructs you how to connect an additional node to the Core node.
   You need to perform the following steps:

   a. Deploy another Axonius machine on the required subnet.
   b. Log into the new node machine with the ssh credentials supplied.
   c. Enter a node name in the text box to identify the newly created node.
   d. Click Generate and Copy to generate and copy a connection string.
   e. Paste the string in the console.

   Note:

   This is a one time connection string and can only be used once for each new node.

4. Once you paste the connection string, wait a few minutes until the node connects. You should see a success message. An additional collector node is now added in the Instances page with an Activated status.

As a result, you can now configure any adapter to use the newly added Axonius collector node.

Managing Nodes

Deactivating a Node

You can deactivate a node instance from the system using the Instance drawer. When you deactivate an instance, all adapter connections using this node are removed.
To deactivate a node:

1. From the Instances page, click on an active node. The Instance drawer opens.

2. Click the Actions button and choose Deactivate. The system asks you to confirm your action.

   

   Once you confirm the action:

   • All the adapter connections that use the selected Axonius node are removed.
   • The status of the instance is marked as Deactivated.

Reactivating a Node

You can reactivate a node using the Instance drawer.
To reactivate a deactivated node:

1. From the Instances page, click on a node which is not currently active. The Instance drawer opens.
2. Click the Actions button and choose Reactivate. The system asks you to confirm your action. Once confirmed, the status of the selected Axonius collector node(s) is updated as Activated.

Restarting an Instance

You can restart an Axonius node from the Instance drawer. When you restart an instance this logs off all users, and halts all pending system activities. In addition, you lose communication with the instance, until it is back online again.
To restart an Instance

1. From the Instances page, click on a node. The Instance drawer opens.
2. Click the Actions button and choose Restart. The system asks you to confirm your action. Once confirmed, the status of the selected Axonius collector node(s) is updated as Activated.
   Once you confirm the action:
   1. All users connected to that instance are logged off.
   2. All pending system activities are halted.
   3. You cannot communicate with the instance until it is back online again.
   4. The status of the instance is marked as 'Restarting'.

Shutting Down a Node

You can shut down a node on the system directly from the Instance drawer. When you shut down a node all users connected to that instance are logged off, and all pending system activities are halted. You will lose communication with this instance. When you shut down a node, you can only turn it on again by directly accessing the machine.

To shut down a node:

1. From the Instances page, click on the node. The Instance drawer opens.

2. Click the Actions button and choose Shutdown. The system asks you to confirm your action.

   

   Once you confirm the action:

   • All users connected to that instance are logged off.
   • All pending system activities are halted.
   • The status of the instance is marked as 'Shutdown'.
     
     

Renaming Instances and Hostnames

To allow you to manage your Instances better you can rename the Instances as well as the Hostnames
To rename an Instance:

1. From the Instances page, click on an Instance.
2. The instance drawer is displayed. You can rename the Instance Name or Hostname.
   The Hostname field should not include spaces or special characters.

Adding Instance Indication

Use Show Indication on the Axonius Core node instances to easily distinguish between your different Axonius machines and show a banner with the name of the Core instance at the bottom of all system pages. You can also add a color for each Core instance.

1. From the Instances page, click on a Core Instance.
2. The Instance drawer opens.
3. Select Show Indication to display a banner with the Instance Name field value on all system pages for this Axonius Core node instance.

4. Once you select Show Indication, the color selector is displayed. Use the drop-down color select to choose a color for the banner to further help you distinguish between your Axonius machines.

5. Select one of the pre-set colors or enter RGB or Hexadecimal values.

The name and the color you set, now appear in the banner at the bottom of all pages of your Core instance.

Instance Performance Metrics

To view instance performance metrics:

1. From the Instances page, click on an Instance.
2. The instance drawer opens and displays instance performance metrics.
3. The following performance metrics are displayed:
   • CPU Usage - CPU usage in percentages
   • Hard Drive: Free Size (GB) - The available disk space that is left on the Instance machine.
   • Hard Drive: Size (GB) - The total disk space that is configured on the Instance machine.
   • Free RAM (GB) - The available memory that is left on the Instance machine.
   • Total RAM (GB) - The total memory that is configured on the Instance machine.
   • Free Swap (GB) - The available Swap memory that is left on the Instance machine.
   • Total Swap (GB) - The total Swap memory that is configured on the Instance machine.
   • Total Physical Processors - Total number of physical processors on the instance machine.
   • CPUs: Cores - Number of CPU cores on the instance machine.
   • CPUs: Threads in core - Number of threads per core.
   • Last Historical Snapshot (GB) - The amount of storage taken up by the most recent historical snapshot.
   • Days Remaining for Historical Snapshots - The number of estimated days, historical snapshots will still be saved given available storage capacity. Note: This field will only be visible if 1) historical data retention is not configured OR 2) the number of days configured for historical data retention is higher than the estimated number of available snapshots.